Microsoft Flubs Patch, Putting Users At Risk

Posted by ryuzaki0 on Tuesday August 22, 2006 @07:41AM from the i'm-working-here dept.

An anonymous reader writes "Microsoft is rushing to fix a flaw introduced by the company's latest security update to Internet Explorer. From the article: 'The flaw, initially thought to only crash Internet Explorer, actually allows an attacker to run code on computers running Windows 2000 and Windows XP Service Pack 1 that have applied the August cumulative update to Internet Explorer 6 Service Pack 1, security firm eEye Digital Security asserted. The update, released on August 8, fixed eight security holes but also introduced a bug of its own, according to Marc Maiffret, chief hacking officer for the security firm, which notified Microsoft last week that the issue is exploitable.'"

3 of 209 comments (clear)

Min score:

Reason:

Sort:

So, does this mean... by GFLPraxis · 2006-08-22 07:57 · Score: 0, Redundant

...that Microsoft is going to have to release a patch to the patch?
Re:wtf? by Sporkinum · 2006-08-22 08:03 · Score: 0, Redundant

Chief Hacking Officer.. Best title ever!

--
"He's lost in a 'floyd hole"
Re:Critical Mass by jofi · 2006-08-22 21:25 · Score: 0, Redundant

It was because of changes to buffers they made in XP SP2 and 2003 SP1.

--
Blame the user, not the software.